Allow confined users r/w to screen unix stream socket

The screen_role_template() was updated to add the allow rules for all confined users which are allowed to use screen/tmux. Resolves: RHEL-50379
zpytela · Oct 22, 2024 · 282e883 · 282e883
1 parent 2bb4af8
commit 282e883
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/policy/modules/contrib/screen.if b/policy/modules/contrib/screen.if
@@ -48,7 +48,7 @@ template(`screen_role_template',`
 
 	domtrans_pattern($3, screen_exec_t, $1_screen_t)
 	allow $3 $1_screen_t:process { signal sigchld };
-	dontaudit $3 $1_screen_t:unix_stream_socket { ioctl read write };
+	allow $3 $1_screen_t:unix_stream_socket { ioctl read write };
 	allow $1_screen_t $3:unix_stream_socket { connectto };
 	allow $1_screen_t $3:process signal;
     allow $3 screen_exec_t:file entrypoint;